1. Field of the Invention
The embodiments disclosed in this application generally relate to protection against rogue protocols, such as for example Instant Message (IM) protocols, and the like.
2. Background of the Invention
When a portable computing device communicates remotely with a public server through the Internet directly or through an enterprise network connection, both the computing device and the enterprise network becomes vulnerable to attempts at intrusion by malicious users. Intrusion might occur by a person seeking to wrongfully access the portable computing device or the enterprise network, or might be due to a program (i.e., virus) attempting to wrongfully access resources available on the portable computing device or the enterprise network. For example, a computer virus might be sent from a public server and if allowed to operate on the portable computing device, can commandeer resources on the portable computing device or the enterprise network when the portable computer is logged on. For another example, a malicious user can generate a set of messages in an attempt to deny service to, or otherwise have an effect on the portable computing device or the enterprise network, such as preventing access by the portable computing device to resources on the enterprise network, or by preventing access by others to that portable computing device.
It is therefore sometimes desirable to apply policy rules for handling the message traffic of a portable computing device, particularly when those messages use a message protocol that might not be directed to business aspects of the network. For example, a number of message protocols have been developed recently that are primarily for personal use, but which often make their way into proprietary networks, such as enterprise networks, and which are subjected to possible abuses. These message protocols include, for example, instant message (IM) protocols, peer-to-peer (P2P) and other file sharing protocols, interactive game protocols, distributed computing protocols, HTTP Tunneling, and “.NET” or “SOAP” methods of computer program interaction. Some of the possible abuses that can result from these message protocols entering the enterprise network include accidental delivery of a computer virus to a client device within the enterprise network, communication of sensitive or proprietary information between a portable computing device outside the enterprise network and a client device on the enterprise network.
In a conventional situation, client devices on the enterprise network, and behind the enterprise network's firewall generate various communications with external devices (i.e., message servers, home personal computers, etc.) using various communications protocols, such as IM. In certain embodiments described in the related applications referenced above, a protocol enforcement gateway residing on the enterprise network ensures that the appropriate protocol enforcement rules, or policies, such as security enforcement policies are enforced for all of the communications generated by the client devices with the external devices. When a client device is portable and accesses the enterprise network remotely, the protocol enforcement gateway maybe unable to control communication traffic generated by the user by ensuring enforcement of all communication protocol policies. For example, in a situation where the portable client device is operated in a remote location (i.e., café, airport, restaurant, etc.) that is external to the enterprise network, there is a need to enforce communication protocol policies for all non-business related communications generated by the portable client device.